Detections
Analytics

SUSE SLES10 / SLES11 Security Update : ibutils (SUSE-SU-2013:1193-1)

medium Nessus Plugin ID 83591

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

Various tmp races in ibdiagnet of ibutils have been fixed that could have been used by local attackers on machines where infiband was debugged to gain privileges.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11 SP3 :

zypper in -t patch sdksp3-ibutils-8030

SUSE Linux Enterprise Software Development Kit 11 SP2 :

zypper in -t patch sdksp2-ibutils-8029

SUSE Linux Enterprise Server 11 SP3 for VMware :

zypper in -t patch slessp3-ibutils-8030

SUSE Linux Enterprise Server 11 SP3 :

zypper in -t patch slessp3-ibutils-8030

SUSE Linux Enterprise Server 11 SP2 for VMware :

zypper in -t patch slessp2-ibutils-8029

SUSE Linux Enterprise Server 11 SP2 :

zypper in -t patch slessp2-ibutils-8029

To bring your system up-to-date, use 'zypper patch'.

See Also

http://www.nessus.org/u?01a87678

http://www.nessus.org/u?7f3e4013

http://www.nessus.org/u?d006dcec

http://support.novell.com/security/cve/CVE-2013-1894.html

https://bugzilla.novell.com/811660

http://www.nessus.org/u?5a1a72da

Plugin Details

Severity: Medium

ID: 83591

File Name: suse_SU-2013-1193-1.nasl

Version: 2.3

Type: local

Agent: unix

Published: 5/20/2015

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:ibutils, p-cpe:/a:novell:suse_linux:ibutils-devel, cpe:/o:novell:suse_linux:10, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 7/12/2013

Reference Information

CVE: CVE-2013-1894